Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019 Ran by juan (02-03-2019 19:30:10) Running from D:\ Windows 10 Home Version 1803 17134.590 (X64) (2018-05-16 12:51:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrador (S-1-5-21-4064279468-505889630-3159123182-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4064279468-505889630-3159123182-503 - Limited - Disabled) defaultuser0 (S-1-5-21-4064279468-505889630-3159123182-1000 - Limited - Disabled) => C:\Users\defaultuser0 HomeGroupUser$ (S-1-5-21-4064279468-505889630-3159123182-1003 - Limited - Enabled) Invitado (S-1-5-21-4064279468-505889630-3159123182-501 - Limited - Disabled) juan (S-1-5-21-4064279468-505889630-3159123182-1001 - Administrator - Enabled) => C:\Users\juan WDAGUtilityAccount (S-1-5-21-4064279468-505889630-3159123182-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) . . (HKLM\...\{5F4E8D94-3947-4019-9239-D2541C9A35F2}) (Version: 7.1 - Intel) Hidden . . . (HKLM-x32\...\{7A5E4942-A527-42E6-A5FC-95109B756CA8}) (Version: 3.5.1.7 - Intel) Hidden µTorrent (HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.) 3DMark (HKLM\...\{62A3D06F-97B8-4CD0-9B7F-3B06C4DF377B}) (Version: 2.4.4264.0 - Futuremark) Hidden 3DMark (HKLM-x32\...\{0034a3c4-a299-491d-b683-791a538a7db4}) (Version: 2.4.4264.0 - Futuremark) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov) Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) ApoDispatchConfigurator (HKLM\...\{B6080F82-4509-41B2-95F1-42F9820E4BF7}) (Version: 2.3.1001 - Nahimic) Hidden AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.28 - Rivet Networks) AR8171 Drivers (HKLM\...\{AC937267-F287-4B31-89E3-70C978366D87}) (Version: 1.0.0.28 - Rivet Networks) Hidden AudioLaunchpadConfigurator (HKLM\...\{6F54B90D-630B-4801-B719-8F66A13B1780}) (Version: 2.3.1001 - Nahimic) Hidden AutoFirma (HKLM-x32\...\AutoFirma ) (Version: 1.5.0.JAv01 - Junta de Andalucía) Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application) Hidden BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform) CheckDevicesConfigurator (HKLM\...\{14CCE92B-2E14-4824-B25B-ACFD26E9CB49}) (Version: 2.3.1001 - Nahimic) Hidden Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.6 - FNMT-RCM) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5307.55 - CyberLink Corp.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) Hidden Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1705.3101 - Micro-Star International Co., Ltd.) DriversCloud.com (64 bits) (HKLM\...\{A05439B0-F943-46C3-85B6-1C9D02A090E8}) (Version: 10.0.7.0 - Cybelsoft) Dropbox (HKLM-x32\...\Dropbox) (Version: 67.4.83 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden Eassos System Restore 2.0.6 (HKLM\...\{37E567C7-EB03-4349-B068-1FD0A2CD55FE}_is1) (Version: - Eassos Co., Ltd.) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Futuremark SystemInfo (HKLM-x32\...\{8AD048D8-1975-47F5-800F-15028E84F2C5}) (Version: 5.5.646.0 - Futuremark) Geekbench 4 (HKLM-x32\...\Geekbench 4) (Version: - Primate Labs Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) iCare Data Recovery Pro (HKLM-x32\...\{F7EAB243-4D0C-47F5-A4F1-74D350E45489}_is1) (Version: 8.0.6 - iCareAll Inc.) Intel GFX Driver (HKLM-x32\...\{ca0ebadf-f7bd-4e32-9fec-e19a5d68c724}) (Version: 1.0.0.0 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{2C895850-899F-4E06-ADB6-28A654FFCF9D}) (Version: 2.2.04036 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6326 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000070-0200-1034-84C8-B8D95FA3C8C3}) (Version: 20.70.0 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{ef2ad7ab-dd41-48ed-ae53-f7fe3cd903d8}) (Version: 3.5.1.7 - Intel) Intel® Hardware Accelerated Execution Manager (HKLM\...\{73D60EDA-FD00-4CB4-8723-212AFB2219CF}) (Version: 7.3.0 - Intel Corporation) Joyoshare Screen Recorder 1.0.1.10 (HKLM-x32\...\Joyoshare Screen Recorder_is1) (Version: - Joyoshare, Inc.) KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.) LauncherSetup (HKLM\...\{93B8F278-BF51-41EA-82B4-46A98E93F8F6}) (Version: 2.3.1001 - Nahimic) Hidden LG Mobile Drivers (HKLM-x32\...\{D8D0327A-72B4-4C79-9883-1B6B6C20ED2B}) (Version: 4.0.3 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Music Maker Silver (HKLM\...\{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden MAGIX Music Maker Silver (HKLM-x32\...\MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) MAGIX Music Maker Silver Soundpools (HKLM\...\{CC8B6E22-F579-46A1-A9F3-985F114590F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Photo Manager 16 (HKLM\...\{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH) Hidden MAGIX Photo Manager 16 (HKLM-x32\...\MX.{B33D219F-2504-45A7-863B-999ED3E38B01}) (Version: 12.0.0.26 - MAGIX Software GmbH) Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11231.20174 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) MSI Remind Manager (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 1.6.3.005 - Portrait Displays, Inc.) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nahimic 2 (HKLM-x32\...\{7a081a12-52f8-4dbb-adae-6d4d9bd7f436}) (Version: 2.3.10 - Nahimic) Nahimic2UISetup (HKLM\...\{8CE19F66-04C3-4385-83A9-1BD663E47D3F}) (Version: 2.3.1001 - Nahimic) Hidden NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden NVIDIA Controlador de gráficos 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation) NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation) NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc) Panel de control de NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden ProductDaemonSetup (HKLM\...\{60B367F2-61B6-409C-8412-D715541172C5}) (Version: 2.3.1001 - Nahimic) Hidden ProductNSConfigurator (HKLM\...\{6B2479C8-1D5A-43C6-B427-FE3AE58284BC}) (Version: 2.3.1001 - Nahimic) Hidden RapiCapWin 2.0.2 (HKLM-x32\...\RapiCapWin_is1) (Version: 2.0.2 - RapiCapWin.com) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.) Registro de usuario de Canon MP280 series (HKLM-x32\...\Registro de usuario de Canon MP280 series) (Version: - ) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) SCM (HKLM\...\{C532FCEC-75CD-477D-94E1-61B50BC679F0}) (Version: 13.016.10073 - Application) Shortcut Manager (HKLM-x32\...\{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application) Hidden Shortcut Manager (HKLM-x32\...\InstallShield_{263B2528-9E7A-42DD-B132-490D9BD4CA3B}) (Version: 1.1.1607.1401 - Application) Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) Software Intel® PROSet/Wireless (HKLM-x32\...\{31a05164-f722-485c-90e3-db78421fa156}) (Version: 20.70.0 - Intel Corporation) Software para dispositivos de chipset Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden SonicMapperConfigurator (HKLM\...\{A0A49515-4B8F-4920-BD8E-FD567F73C7B7}) (Version: 2.3.1001 - Nahimic) Hidden Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TomTom HOME (HKLM-x32\...\{C62E4A07-973C-4257-B034-F4F10F1124C3}) (Version: 2.10.1 - Nombre de su organización) TomTom MyDrive Connect 4.2.3.3625 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.3.3625 - TomTom) TotalD (HKLM-x32\...\{5BB5F772-0259-4C8E-BB3D-93A334C9576F}_is1) (Version: 1.5.6 - www.totald.org) UIInstallUpgrade (HKLM\...\{474C5BCD-7BCC-47BC-8D07-B68E7F64402A}) (Version: 2.3.1001 - Nahimic) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden VdhCoApp 1.2.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vov Screen Recorder (HKLM-x32\...\Vov Screen Recorder_is1) (Version: 1.7.0.0 - VOVSOFT) VPN PRO (HKLM-x32\...\VPNPRO_is1) (Version: 1.4.0.178 - Innovative Solutions) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\WhatsApp) (Version: 0.3.2043 - WhatsApp) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.80 Build 33 - Windscribe Limited) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24115}) (Version: 22.0.12670 - Corel Corporation) ZD Soft Screen Recorder 11.1.16 (HKLM-x32\...\{831B3AB8-3055-4CB1-99E2-D1D6CC68249C}) (Version: 11.1.16.0 - ZD Soft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4064279468-505889630-3159123182-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-4064279468-505889630-3159123182-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll () [File not signed] CustomCLSID: HKU\S-1-5-21-4064279468-505889630-3159123182-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\juan\Dropbox [2017-02-18 13:46] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c4f600ffe34acc7b\igfxDTCM.dll [2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (Corel Corporation -> WinZip Computing, S.L.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06127BB4-8D9E-48AB-85D1-DF5CD360C12C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe Task: {0C9A705A-E432-4612-AA10-17664DBC0334} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> ) Task: {0FD57AE9-674C-42CF-8AD2-E4E64351D29C} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (A-Volute -> ) Task: {147789A7-EE00-4DBC-89BB-9FC19607AF3F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {1680AA33-4EFE-41DE-9884-A5A416C15C07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {2AF24676-FBFC-4F27-9B75-C7055EC86DC0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {36CE181C-4F3D-44EB-ACA3-4D11FD607E8B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {3737C468-8081-4D92-BD2D-7A78A02D3967} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exeMicrosoft Corporation Task: {41C59142-757A-424F-85CB-FACDB26B025E} - System32\Tasks\Driver Booster SkipUAC (juan) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe Task: {4412EE1E-500D-4A6C-B3F0-01E093D2A4F8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exeMicrosoft Corporation Task: {44979EF8-89F8-4496-9ED8-760E07C8118C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C437412-BC1E-4236-BE4F-F7B95A221541} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {59B7AF3D-3808-4696-B5AA-C70A65061F4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {5B74AC4E-195D-4975-BB8F-2E6FBD365189} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {63836376-11BC-4800-8C63-60C307B31AD6} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] Task: {69C4496A-4EA7-43C5-9555-E03F13D15132} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] Task: {6FB473AC-9DFD-41EE-B57B-0FC1029EF3FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {8052C06A-DD34-4994-850F-91D606D7112A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {85B88A73-0D28-4B52-93B5-3AFFFD3077A3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exeMicrosoft Corporation Task: {875760D7-07B2-4194-A1EB-5CBA38110C8B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {98DD31D9-EF0B-4B71-999D-D1B6A573F326} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {99C703CF-EA96-4509-A536-09262969C565} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {9B6FDE15-BF75-4A38-811F-BEF403496E7E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {9C18AF94-9BBC-45E1-A59E-B88BCD2E90D5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {A096F86A-1C69-467F-AA80-0F5936DF0422} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {A4E24405-551C-45C9-A2FC-5E374EA32AAF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {ADABEACF-39D5-44CF-A1E6-980FF31B3088} - System32\Tasks\MSI_Shortcut Manager => C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe (Micro-Star International CO., LTD. -> Application) [File not signed] Task: {AE593CE2-35F9-413B-846F-C03A62E46C1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {B3B4F672-B5F3-41B0-8845-2B46A75C0A40} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {B68C1492-896D-4405-8DD5-C05553A21006} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exeMicrosoft Corporation Task: {B8408867-8CE1-4160-9B59-F0FFF40714B2} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C36135B0-20A3-49A3-8A31-5460675BC0FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {C480B60F-48CC-43BF-A325-C9AA3A92EC25} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {C890E518-0385-40FB-A4FF-3293449E0C02} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation) Task: {CF259C65-9402-4873-8A27-ED32962FF70E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {DFB454CF-272D-4320-B29F-916C2AF3E7BC} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {E29C007B-BFE7-4185-BAF5-0A88265F2A80} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe (Micro-Star International CO., LTD. -> Application) [File not signed] Task: {E5E00BE5-19E0-4E7C-B2A4-63C54E953A88} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation) Task: {EC4457C7-EA07-4690-870F-943BABB97E7E} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (A-Volute -> ) Task: {EC6FEF8F-A565-409D-AC95-0DFD3C127638} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {F90CCE4F-A63E-4D64-B1B5-20A66B398A8F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {FA8A77F9-11FD-4024-A9D5-E90C1540B7CB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation) Task: {FBC36656-2B4A-4AC7-8818-C0AD0E7E4AE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {FF6D02DA-C9DC-4237-8EC7-4970A3A8EF05} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2009-07-10 00:54 - 2009-07-10 00:54 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWoW64\MSIService.exe 2018-09-21 00:51 - 2017-06-19 10:12 - 000197632 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCommon.dll 2018-09-21 00:51 - 2015-02-27 09:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\Newtonsoft.Json.dll 2018-09-21 00:51 - 2017-06-19 10:12 - 000087040 _____ (Iskysoft) [File not signed] C:\Program Files (x86)\Iskysoft\IAF\2.4.3.227\IsAppCollect.dll 2018-01-28 19:00 - 2018-01-28 19:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2016-07-14 22:44 - 2016-07-14 22:44 - 000916248 _____ (Micro-Star International CO., LTD. -> Application) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\HotkeyListener.exe 2013-05-24 18:22 - 2013-05-24 18:22 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Shortcut Manager\WinIo64.dll 2012-01-24 03:19 - 2012-01-24 03:19 - 001858048 _____ (MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\fnmt.es -> hxxp://fnmt.es IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\fnmt.es -> hxxps://fnmt.es IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\fnmt.es%20,%20https -> hxxps://fnmt.es%20,%20https IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\google.es -> hxxps://www.google.es IE trusted site: HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\localhost -> localhost ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2019-03-02 16:39 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\skype\phone\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\OpenSSH\;C:\Android;C:\Windows\System32;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-4064279468-505889630-3159123182-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\juan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e189ee66-68e5-473b-8dbe-4d1f575209d0}.jpg DNS Servers: 62.197.111.140 - 109.88.203.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "Nahimic2UILauncher" HKLM\...\StartupApproved\Run: => "MsiTrueColor" HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run: => "CanonMyPrinter" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx" HKLM\...\StartupApproved\Run32: => "SOS Notifier" HKLM\...\StartupApproved\Run32: => "DSATray" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\StartupFolder: => "6a343801d1fde1efdcd2e4142860e183.lnk" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "IDMan" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "SOS Browser Monitor" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "FastVD" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "6a343801d1fde1efdcd2e4142860e183" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-4064279468-505889630-3159123182-1001\...\StartupApproved\Run: => "a343801d" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D2BE36D8-32CD-4894-A6E3-4BC32E256D4E}] => (Allow) C:\Program Files (x86)\Innovative Solutions\VPN PRO\vpnpro.exe (Innovative Solutions Grup SRL -> Innovative Solutions) FirewallRules: [{16AA7514-F7E0-4A4B-81C9-85877DF26429}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{269E81F6-177F-4BD2-B947-9AA6BA8537F8}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom) FirewallRules: [{9F3FFF7B-60F4-4DBE-A4FA-88BFD10AD496}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FC06D49D-6203-4E64-9756-0AEE9FD485AD}] => (Allow) C:\Users\juan\AppData\Roaming\Steganos\OnlineShield\Proxy\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{1F19663D-93D1-4BA8-88E6-69F82758FF65}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{A3BADCA5-B886-443D-9643-80D0CAA05FA7}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [TCP Query User{9B4D8033-2ADF-4A95-B71F-B921A0204CF4}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [UDP Query User{DD4CA6B6-B9A5-4A30-BD44-78443F0A29D3}C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\autofirma\autofirma\jre\bin\javaw.exe FirewallRules: [{692B9EE9-0A4D-49EC-B783-43C625DCE972}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{F7296392-8EE6-4EFE-AA42-4AC7345BD058}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CYBELSOFT -> CybelSoft) FirewallRules: [{2BE5A4A3-FFB2-403E-BBA8-D5D2A03D50C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{D8AB7F21-FCE1-4D06-8FB9-D752C6C2A2AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{CDD96811-1EF3-489D-AC6E-18BD4B62880A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A2BD1C33-4665-44A4-81EA-2500253DBAF9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{319402EE-6A73-4820-B86D-A2D450E8550A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Gold\System\Unreal.exe () [File not signed] FirewallRules: [{75FBB931-4F3B-4621-B2AD-E7795BB01260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unreal Gold\System\Unreal.exe () [File not signed] FirewallRules: [{8B01C500-85F6-440A-B975-60EB1D2FE9B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D38CED76-CE75-40A1-9086-211EC69715F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A6FFEF84-801D-40E2-B3ED-A0EE5DC59CB6}] => (Allow) C:\Users\juan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{7E4D14FD-B3D2-407B-80C4-C0403ABB16EE}] => (Allow) C:\Users\juan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{FBA9806B-A7B8-4BCD-9FF7-BB9F5C135547}C:\program files (x86)\totald\totald.exe] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [UDP Query User{8363C251-ED15-4880-AD67-7372D8D93193}C:\program files (x86)\totald\totald.exe] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [TCP Query User{52BC0CA7-A972-4910-A3E5-77F066FC1814}C:\program files (x86)\totald\totald.exe] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [UDP Query User{AE10BA56-1F09-4249-BBCF-1CC2F456C4EC}C:\program files (x86)\totald\totald.exe] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [{7F2C8791-BDE7-4BA8-AFC4-C61578E3DBE9}] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [{507C8F10-ED0A-456F-AC93-EAADE9F26E01}] => (Allow) C:\program files (x86)\totald\totald.exe (Iniciativas Informaticas y de Comunicacion SL -> ) FirewallRules: [{CE90300A-502A-48F5-A3FE-711504D4895C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{49619BD0-A7A8-4391-8BA7-394B84146275}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A5246EB4-B9D4-4E8C-B499-CA307B35F5AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BFDE89FD-570F-4FFE-851F-E2F6CDECC8BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9ADF68E8-90B1-46C8-8045-648F18F41395}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F121838F-398E-4E13-A3ED-F8FEFB984AA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{20CF11F6-55A5-4DE8-B1BB-0936DF11CA5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E85695B4-37F0-4B39-B7A5-DCFF8336B975}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C83337B1-8092-49AC-A21A-480FBD7864A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{26B0548E-62A8-4244-A585-6168C9B2F9EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E86410CE-745E-45DF-BDD7-A9839144EC49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{79E84674-152C-4776-B9BA-707713CBBFAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9EA167F9-BE85-465A-876A-0880C17A86B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C898CB3C-115B-4CAB-AA2A-D9B21CB80CBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7DD98D3C-D2EA-443D-9CCA-9EA61A28D9E2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{26D58F5D-D830-4C1C-9D3A-C2BD8F78D3DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 13-02-2019 13:26:09 Windows Update 22-02-2019 12:15:26 Punto de control programado 01-03-2019 15:20:03 Punto de control programado 02-03-2019 15:48:15 Revo Uninstaller's restore point - MalwareFox AntiMalware 02-03-2019 17:45:30 Revo Uninstaller's restore point - IObit Uninstaller 8 02-03-2019 17:46:53 Revo Uninstaller's restore point - Malwarebytes versión 3.7.1.2839 ==================== Faulty Device Manager Devices ============= Name: Android ADB Interface Description: Android ADB Interface Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b2b0e} Manufacturer: LeMobile Service: WinUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/02/2019 05:55:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Dragon Center.exe, versión: 1.2.1705.3101, marca de tiempo: 0x592e2ab4 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.556, marca de tiempo: 0xb9f4a0f1 Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a388 Identificador del proceso con errores: 0x594 Hora de inicio de la aplicación con errores: 0x01d4d118c4bcea9e Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll Identificador del informe: 2146b4eb-3fc4-4fb7-bea4-e35ac32e1d2c Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (03/02/2019 05:55:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Dragon Center.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.ComponentModel.Win32Exception en System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo) en MSI_Command_Center.App..ctor() en MSI_Command_Center.App.Main() Error: (03/02/2019 05:45:30 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {e3f0cc1a-b8b4-4095-8546-09c2c98f96aa} Error: (03/02/2019 04:39:37 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido. . Operación: Ejecutando operación asincrónica Contexto: Estado actual: DoSnapshotSet Error: (03/02/2019 03:48:14 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado. . A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud. Operación: Recopilando datos del escritor Contexto: Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220} Nombre del escritor: System Writer Id. de instancia del escritor: {e9011cb6-18b1-4904-9bd4-64627977cf68} Error: (03/01/2019 06:11:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Dragon Center.exe, versión: 1.2.1705.3101, marca de tiempo: 0x592e2ab4 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.556, marca de tiempo: 0xb9f4a0f1 Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a388 Identificador del proceso con errores: 0x20 Hora de inicio de la aplicación con errores: 0x01d4d051c75b26ef Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll Identificador del informe: bedb164f-3d3f-4933-88c5-ab903ad536dc Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (03/01/2019 06:11:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: Dragon Center.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.ComponentModel.Win32Exception en System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo) en MSI_Command_Center.App..ctor() en MSI_Command_Center.App.Main() Error: (02/24/2019 11:10:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: Dragon Center.exe, versión: 1.2.1705.3101, marca de tiempo: 0x592e2ab4 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.556, marca de tiempo: 0xb9f4a0f1 Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a388 Identificador del proceso con errores: 0x7464 Hora de inicio de la aplicación con errores: 0x01d4cc293865980b Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll Identificador del informe: 05d5219c-3474-432c-a1a1-26f4d8e16303 Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: System errors: ============= Error: (03/02/2019 05:54:55 PM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario MSI\juan con SID (S-1-5-21-4064279468-505889630-3159123182-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:54:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscDataProtection y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:54:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID Windows.SecurityCenter.WscBrokerManager y APPID No disponible al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:52:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:52:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:52:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} y APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} al usuario NT AUTHORITY\Servicio de red con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes. Error: (03/02/2019 05:52:00 PM) (Source: DCOM) (EventID: 10010) (User: MSI) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Error: (03/02/2019 05:52:00 PM) (Source: DCOM) (EventID: 10010) (User: MSI) Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido. Windows Defender: =================================== Date: 2019-03-02 15:16:07.981 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {9FC2D89A-73D4-4D60-B70B-AF4D48F9E27E} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-03-01 17:15:29.514 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {63C57F95-74B0-43F9-A9AB-58AD1F60988A} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-03-01 15:22:44.359 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {762E6958-D899-4C6F-91F7-BBB2720FAA2B} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-02-25 15:20:46.745 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {E2EE9476-683A-46EF-A49E-98E97A5FD2A7} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-02-25 15:10:06.527 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {E1CB5EA0-5344-450F-8FF1-F0D4956E5927} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2019-02-20 11:21:44.145 Description: Antivirus de Windows Defender encontró un error al intentar actualizar las firmas. Nueva versión de firma: Versión de firma anterior: 1.287.392.0 Origen de actualización: Servidor de Microsoft Update Tipo de firma: AntiVirus Tipo de actualización: Completa Usuario: NT AUTHORITY\SYSTEM Versión de motor actual: Versión de motor anterior: 1.1.15700.8 Código de error: 0x80240438 Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. CodeIntegrity: =================================== Date: 2018-06-10 20:27:46.879 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:27:46.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:27:39.134 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:27:39.132 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:21:32.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:21:32.333 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:21:21.738 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-06-10 20:21:21.656 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz Percentage of memory in use: 26% Total physical RAM: 16304.11 MB Available physical RAM: 12026.77 MB Total Virtual: 17328.11 MB Available Virtual: 12055.74 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:237.18 GB) (Free:156.52 GB) NTFS Drive d: (Data) (Fixed) (Total:914.74 GB) (Free:556.37 GB) NTFS \\?\Volume{25578011-5033-4ada-a1c5-81b167d2dcfb}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.43 GB) NTFS \\?\Volume{b86bd1c2-8499-47fd-851c-6bd55934834e}\ (BIOS_RVY) (Fixed) (Total:16.77 GB) (Free:0.66 GB) NTFS \\?\Volume{29b93cac-050b-4f80-beed-25f2d6bc1e4d}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: A352B725) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: A352B744) Partition: GPT. ==================== End of Addition.txt ============================